Image forming apparatus and method of user authentication

ABSTRACT

An image forming apparatus includes a user authentication function that authorizes a user to operate saved print data with a password without requiring an input of the password while ensuring a security level. When a user is going to operate a document by using the image forming apparatus, and if the user logged in the image forming apparatus is a creator of the document, the image forming apparatus performs control not requiring the user to input an operation password for print data. Moreover, by managing information on users who have unlocked the operation password as document information, the image forming apparatus also performs control not requiring even users other than the creator of the document to input the operation password if the users have unlocked the operation password ever before.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to an image forming apparatus providedwith a user authentication function for controlling approval anddisapproval of performing an operation on print data.

2. Description of the Related Art

When document data is transmitted from a personal computer (PC) to animage forming apparatus and then is printed, the document data istransformed into a page description language (PDL) document with adesired print layout by use of a printer driver installed in the PC; andthen the created PDL document is transmitted to and printed by the imageforming apparatus. Meanwhile, there is also an image forming apparatusconfigured to receive document data in the portable document format(PDF) and the like that are widely used in the PC environment; then toconvert the received document data into a printable format; and toexecute a printing process. Further, there is also an image formingapparatus configured to convert document data received from a PC into aprintable format; to temporarily store the converted document data in anauxiliary storage device inside the image forming device; and to renderthe data printable at a desired timing.

Some document data can accept various password settings. For example, aPDF document can accept a password setting such as a “password foropening a document,” an “authority password” or a “password for openingan attached file.” If the “password for opening a document” is set torequest a user to input the password before opening the PDF document,only a user authorized in advance is allowed to open the file, and thusaccess to the document for preview is controlled. Meanwhile, if the“authority password” is set, access to the document for printing andediting is controlled. Further, if the “password for opening an attachedfile” is set, access to the file attached to the document is controlled.

Upon receipt of the document data provided with such access control(password-protected document data) from the PC, the image formingapparatus converts the document data into the printable format and savesthe document data in its storage device as password-protected printdata. When a user wishes to access the saved print data, the imageforming apparatus requests the user to input the password. However, if auser is requested to input a password in every operation using a touchpanel or various buttons on the image forming apparatus, the user isannoyed by such password input. To address this problem, Japanese PatentLaid-Open No. 2007-237685 discloses an image forming apparatus whichfunctions in collaboration with an authentication system, and allowsusers to access print data without requesting password inputs. In thisimage forming apparatus, a “document creator” and “accessible users andtheir authorities” for a document are managed as document informationthat is associated with print data. Thereby, when a user of the imageforming apparatus is either the “document creator” or the “accessibleuser,” the user is allowed to access the print data without inputtingthe password.

The apparatus according to Japanese Patent Laid-Open No. 2007-237685allows users authorized in advance (either as the “document creator” orthe “accessible user”) to access the print data without inputting thepassword even in the case where the print data is password-protectedprint data. However, a user who knows the password but is not authorizedin advance has to input the password every time the user wishes toaccess the print data. Moreover, the apparatus according to JapanesePatent Laid-Open No. 2007-237685 unconditionally allows the users onceauthorized in advance to access print data even after the password forthe print data is changed. Therefore, this apparatus has a problem thatits security level is low.

SUMMARY OF THE INVENTION

An image forming apparatus according to the present invention includes:unit for receiving document data set with an operation password; unitfor converting the document data into print data; unit for generatingdocument information including the operation password and userinformation of a user authorized to perform an operation of the printdata; unit for setting the document information into the print data;unit for storing the print data set with the document data; and unit fordetermining whether or not to authorize a login user to operate theprint data stored in the unit for storing by referring to the documentinformation set in the printed data. Here, the unit for determiningauthorizes the login user to operate the print data stored in the unitfor storing when user information of the login user matches the userinformation included in the document information. Moreover, the unit fordetermining requests the login user to input the operation password whenthe user information of the login user does not match the userinformation included in the document information. Further, the unit fordetermining authorizes the login user to operate the print data storedin the unit for storing and adds the user information of the login userto the document information when the operation password is inputted bythe login user.

A method of user authentication according to the present inventionincludes the steps of: receiving document data set with an operationpassword; converting the document data into print data; generatingdocument information including the operation password and userinformation of a user authorized to perform an operation of the printdata; setting the document information into the print data; storing theprint data set with the document data; and determining whether or not toauthorize a login user to operate the print data stored in the step ofstoring by referring to the document information set in the printeddata. Here, in the step of determining, the login user is authorized tooperate the print data stored in the step of storing when userinformation of the login user matches user information included in thedocument information. Moreover, in the step of determining, the loginuser is requested to input the operation password when the userinformation of the login user does not match the user informationincluded in the document information. Further, in the step ofdetermining, the login user is authorized to operate the print datastored in the step of storing, and the user information of the loginuser is added to the document information when the operation password isinputted by the login user.

The present invention allows not only the document creator but also auser who has accessed the print data ever before by using the passwordto access the print data again without receiving the user authenticationby inputting the password. Moreover, when the password is changed, theaccess to the print data can be controlled so that only the users whoknow the changed password can be authorized to access the print data. Inthis way, according to the present invention, an image forming apparatuswhich is highly convenient for users can be provided without degrading asecurity level.

Further features of the present invention will become apparent from thefollowing description of exemplary embodiments (with reference to theattached drawings).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a view showing a configuration example of a system to whichthe present invention can be applied;

FIG. 2 is a block diagram showing a configuration example of a personalcomputer (PC) 101;

FIG. 3 is a block diagram showing a configuration example of an imageforming apparatus 111;

FIG. 4 is a block diagram schematically showing functions of the PC 101and the image forming apparatus 111;

FIG. 5 is a view showing an example of a transmission setting screendisplayed on a display of the PC 101 by a transmission program 401installed in the PC 101;

FIG. 6 is a view showing an exterior appearance of a touch panel unitand a key input unit provided on the image forming apparatus 111;

FIG. 7 is a view showing an example of a user authentication screendisplayed on the touch panel unit 601.

FIG. 8 is a view showing an example of a saved job tab page to bedisplayed on the touch panel unit 601;

FIG. 9 is a diagram showing a flow of data between the transmissionprogram 401 that is installed in the PC 101 and the image formingapparatus 111;

FIG. 10 is a diagram showing a process flow of the image formingapparatus 111 after saving print data;

FIG. 11 is a diagram showing an example of a data structure of the printdata;

FIG. 12 is a diagram showing a memory area for storing the print data;

FIG. 13 is a diagram showing a file to be stored in the print data;

FIG. 14 is a view showing an example of document information;

FIG. 15 is a flowchart showing an example of a conversion process ofdocument data into the print data and a saving process for the printingdata to be executed by the image forming apparatus 111;

FIG. 16 is a diagram showing the relationship of FIGS. 16A, 16B and 16C;

FIG. 16A is a flowchart showing an example of operation for the printdata saved in the image forming apparatus 111,

FIG. 16B is a flowchart showing an example of operation for the printdata saved in the image forming apparatus 111;

FIG. 16C is a flowchart showing an example of operation for the printdata saved in the image forming apparatus 111; and

FIG. 17 is a view showing an example of a password change screen to bedisplayed on the touch panel unit 601.

DESCRIPTION OF THE EMBODIMENTS

Now, an embodiment of the present invention will be described below indetail with reference to the accompanying drawings.

FIG. 1 is a view showing a configuration example of a system to whichthe present invention can be applied.

This system includes a personal computer (PC) 101, image formingapparatuses 111 and 112 and a local area network (LAN) configured toconnect the PC 101 to the image forming apparatuses 111 and 112.Although FIG. 1 illustrates an example where there are two image formingapparatuses, the image forming apparatus may be one. Now the followingembodiment will describe a case of printing by using the image formingapparatus 111.

In this embodiment the PC 101 and the image forming apparatuses 111 and112 are connected to one another through the network. Instead, it isalso possible to apply a different mode of connection by way of parallelcables, serial cables, universal serial bus (USB) cables or the like.Meanwhile, the mode of network connection is not limited to the LAN, andthe Internet is also applicable thereto.

FIG. 2 is a block diagram showing a configuration example of the PC 101.

The PC 101 includes a central processing unit (CPU) 201, a random accessmemory (RAM) 202, an auxiliary storage device 203, an image displaydevice 204, a user command input device 205, a network interface card206, and a main bus 209. The auxiliary storage device 203 is a harddisk, a Floppy (registered trademark) disk or a compact disc read-onlymemory (CD-ROM), for example. The image display device 204 is acathode-ray tube (CRT) display or a liquid crystal display, for example.The image display device 204 notifies a user of messages and the like.The user command input device 205 is a mouse or a keyboard, for example.The user command input device 205 receives command inputs from the user.The network interface card 206 exchanges data to and from other networkappliances through a LAN 220.

FIG. 3 is a block diagram showing a configuration example of the imageforming apparatus 111.

A CPU 301 interprets a printing job received from the PC 101, andperforms print control and the like. An auxiliary storage device 303 isa hard disk or a CD-ROM, for example. An image display device 304 is atouch panel, for example. The image display device 304 displays a statusof the image forming apparatus 111 and various messages. A user commandinput device 305 is a touch panel, for example. A user (a login user)logs into the image forming apparatus 111 and instructs the printing jobby operating the user command input device 305. Here, the image displaydevice 304 and the user command input device 305 may be formed of asingle touch panel.

A print engine 307 performs print control based on the printing jobreceived from the PC 101. A reader unit 308 reads manuscript placed on aplaten, and generates electronic data such as black-and-white binarydata and color multi-value data. A digital service unit (DSU) 310performs data transmission and reception with other devices through adigital line 330. A network control unit (NCU) 312 performs datatransmission and reception with other devices through an analog line340. A modem 311 performs modulation and demodulation of the transmittedand received data. A USB communication unit 314 performs datatransmission and reception with other information terminals by usingUSB.

It is to be noted that the reader unit 308, the DSU 310, the modem 311,the NCU 312, the digital line 330, and the analog line 340 are notnecessary in this embodiment.

FIG. 4 is a block diagram schematically showing functions of the PC 101and the image forming apparatus 111.

The PC 101 is installed with a transmission program 401 for transmittingdocument data such as XML paper specification (XPS) data or PDF data tothe image forming apparatus 111. The transmission program 401 has afunction to transmit the document data to the image forming apparatus111 through a data transmission-reception unit 402 in accordance with aninstruction by a user.

The image forming apparatus 111 includes a data transmission-receptionunit 403, a data conversion unit 404, a data management unit 405, ascreen control unit 406, a print control unit 407, and a main controlunit 408. The main control unit 408 performs overall control of theimage forming apparatus 111. The data transmission-reception unit 403receives the document data from the PC 101 through a network interfacecard (NIC) 306. The data conversion unit 404 converts the document datareceived from the PC 101 into a data format that can be processed by theprint engine 307 for printing, in accordance with an instruction fromthe main control unit 408. The print control unit 407 performs printcontrol based on the converted data obtained from the data conversionunit 404, in accordance with an instruction from the main control unit408. The data management unit 405 saves data in the auxiliary storagedevice 303 or reads data that are saved in the auxiliary storage device303 and stores the data in a storage unit such as the RAM 302, inaccordance with an instruction from the main control unit 408.

FIG. 5 is a view showing an example of a transmission setting screen tobe displayed on a display of the PC 101 by the transmission program 401installed in the PC 101.

A transmission setting screen 500 includes a printer designation area501, a transmission document designation area 502, a transmissiondocument reference area 503, and password designation areas 504, 505,and 506 for designating a document operation password.

The document operation password is any of a “password for opening adocument,” an “authority password,” and a “password for opening anattached file.” The “password for opening a document” is a password usedfor displaying a preview of the print data on the image formingapparatus 111. The “authority password” is a password used for printingthe print data or editing the print data (such as deletion or passwordchanging). The “password for opening an attached file” is a passwordused when separate document data attached to a document file is used(displaying a preview, printing or editing).

The printer designation area 501 is an area for designating the imageforming apparatus 111 which is a destination of the document data.

The transmission setting screen 500 further includes a process typedesignation area 507 for designating a process type to be executed bythe image forming apparatus 111 after transmitting the document data, asave area designation area 508 for designating a place to save thedocument data, a send button 509, and a cancel button 510.

The transmission document reference area 503 is an area used for makingreference to a document saved in the auxiliary storage device 203 or thelike in the PC 101.

When a field “print only” is designated in the process type designationarea 507, the image forming apparatus 111 only prints the print data.When a field “print and save” is designated, the image forming apparatus111 prints the print data and saves the print data in a save areadesignated in the save area designation area 508. When a field “saveonly” is designated, the image forming apparatus 111 saves the printdata in a save area designated in the save area designation area 508without printing the print data.

The save area designation area 508 is an area for designating a savearea (100 save areas ranging from 00 to 99, for example) managed by adata management unit 405 in the image forming apparatus 111.

When the user presses the send button 509, the transmission program 401transmits the document data designated in the transmission documentdesignation area 502 to the image forming apparatus 111 designated inthe printer designation area 501 through the data transmission-receptionunit 402. Meanwhile, when the user presses the cancel button 510, thetransmission program 401 cancels the transmission process.

FIG. 6 is a view showing an exterior appearance of a touch panel unitand a key input unit provided on the image forming apparatus 111. Thetouch panel unit and the key input unit correspond to the screen displaydevice 304 and the user command input device 305 described above.

A touch panel unit 601 displays functions offered by the image formingapparatus 111 in the form of a tab page format, and receivesinstructions from the user. The key input unit 602 includes keys such asnumeric keypad, and receives instructions from the user. The key inputunit 602 is used together with the touch panel unit 601.

FIG. 7 is a view showing an example of a user authentication screen tobe displayed on the touch panel unit 601.

A user authentication screen 700 includes a user ID input area 701, apassword input area 702, and a login button 703.

User information such as a user identification (ID) or a password whichare used for user authentication is managed by the data management unit405 in the image forming apparatus 111. Instead, the user informationmay be managed by a user authentication system in which the imageforming apparatus 111 and a server (such as a user authenticationserver) collaborate to perform user authentication.

The login user inputs the user ID and the password in the user ID inputarea 701 and the password input area 702, respectively, and attempts tolog in by pressing the login button 703. The main control unit 408determines to authorize or not to authorize the login of the login userbased on the user ID and the password inputted by the login user.

FIG. 8 is a view showing an example of a saved job tab page to bedisplayed on the touch panel unit 601.

A saved job tab page 800 includes a printing job display area 801, aprint button 802, a preview display button 803, an edit button 804, adelete button 805, and a scroll bar 806.

The printing job display area 801 displays a list of printing jobsobtained by means of converting the document data received from the PC101 into the printable format, i.e. names of the print data.Specifically, the list of print data that is saved in the storage deviceof the image forming apparatus 111 is displayed in the printing jobdisplay area 801. When the login user selects the name of the print datatargeted for printing from the names of the print data displayed on thelist, a display color of the selected name is changed. In this way, thelogin user can designate the print data targeted for processing. In theexample shown in FIG. 8, the print data having the name “minutes” isdesignated by the login user.

The print button 802 is a button used for printing the print datadesignated in the printing job display area 801.

The preview display button 803 is a button used for displaying a previewimage of the print data designated in the printing job display area 801.

The edit button 804 is a button used for editing (such as “deletion of apage”) the print data designated in the printing job display area 801.

The delete button 805 is a button used for deleting the print datadesignated in the printing job display area 801.

The scroll bar 806 is a scroll bar for vertically scrolling the list ofthe print data when there are too many pieces of the print data thatcannot be fully displayed in the printing job display area 801.

FIG. 9 is a diagram showing a flow of data between the transmissionprogram 401 installed in the PC 101 and the image forming apparatus 111.Specifically, FIG. 9 shows the flow of transmitting the document data orthe like from the PC 101 to the image forming apparatus 111, thenconverting the document data or the like received by the image formingapparatus 111 into the print data, and then storing the print data inthe storage device.

Using the PC 101, the user performs the above-described settings andinstructions through the transmission setting screen 500 presented bythe transmission program 401. Specifically, the user selects thedocument to be transmitted in the transmission document designation area502 (S901) and inputs the document operation passwords in the passworddesignation areas 504, 505, and 506 (S902). Subsequently, the userdesignates the process type in the process type designation area 507(S903), then designates the save area of the document data in the savearea designation area 508 (S904), and then instructs transmission of thedocument data by pressing the send button 509 (S905).

When transmission of the document data is instructed, the transmissionprogram 401 acquires a user ID 701 for logging into the PC 101 (S906),and transmits the document data, the document operation passwords, andthe user ID to the image forming apparatus 111 (S907).

The image forming apparatus 111 converts the received document data intothe printable print data (S908), and generates the document informationbased on the various passwords and the user ID (S909). The documentinformation includes a document creator, the “password for opening adocument,” the “authority password,” and the “password for opening anattached file.” Detail of the document information will be describedlater.

Subsequently, the image forming apparatus 111 embeds the generateddocument information in the print data and saves the print data in theauxiliary storage device 303 (S910). Details of the steps S908 to S910will be described later.

FIG. 10 is a diagram showing a process flow of the image formingapparatus 111 after saving the print data.

The login user logs into the image forming apparatus 111 by inputtingthe user ID and the password on the user authentication screen 700, andundergoes user authentication (S1001 and S1002).

Subsequently, when the login user selects the saved job tab on the touchpanel unit 601 (S1003), the main control unit 408 displays, onto thesaved job tab page 800, the list of the names of the print data saved inthe data management unit 405 (S1004). Thereafter, the login userdesignates the print data targeted for processing on the saved job tabpage 800, and selects the operation (such as printing, preview displayor editing) to be applied to the print data (S1005). When the operationto be applied to the print data is selected, the main control unit 408determines whether the login user has the authority for the operation(S1006), and executes the process on the print data in response to theauthority for operation (S1007). Details of the steps S1005 to S1007will be described later. Lastly, the login user logs off from the imageforming apparatus 111 (S1008).

FIG. 11 is a diagram showing an example of a data structure of the printdata.

In this embodiment, the print data is assumed to be composed of multiplepages of data. The print data includes vector data 1101, meta data 1102,and a display list 1103. The print data applies a hierarchical structurewhere a document header (x1) is on the top.

The vector data 1101 is logical drawing data not dependent onresolution. The vector data 1101 includes page headers (x2), summaryinformation (X3), and objects (x4). The meta data 1102 includes documentinformation (x5), document detail information (x6), page information(x7), and page detail information (x8). The display list 1103 includespage headers (x9) and instructions (x10) for drawing data rasterisation

A storage location of the vector data (x2) and a storage location of thedisplay list 1103 are described in the document header (x1). That is,the vector data 1101 is linked with the display list 1103 by thedocument header (x1).

Layout information including the size and orientation of the page isdescribed in each of the page headers (x2). Drawing data for lines,polygons, and Bezier curves is described in each of the objects (x4).The multiple objects (x4) are collectively linked with the summaryinformation (x3). The summary information (x3) expresses a summary ofcharacteristics of the multiple objects. Information constituting thesource of image areas is described in the summary information (x3), forexample. The objects (x4) also include image objects.

The meta data 1102 is additional information which is not used for adrawing process. In this embodiment, the document creator, the “passwordfor opening a document,” the “authority password,” the “password foropening an attached file” and the like are stored in the storage area ofthe document information (x5) in the meta data 1102.

The document detail information (x6) includes document detailinformation such as a printing style of the entire document. Since themeta data 1102 is associated with the document header (x1), the documentdetail information (x6) can be referred to from the document header(x1).

The page information (x7) includes information such as whether the metadata is generated from image mode data or generated from a PDLcontaining character objects, for example. The page detail information(x8) includes attribute information related to security and a characterstring (a character code string) which is generated as additionalinformation.

Since the meta data 1102 is associated with the summary information (x3)of the vector data 1101, the page detail information (x8) can bereferred to from the summary information (x3).

The display list 1103 includes intermediate codes for converting thevector data into the form of dot images. Drawing information such asplacement information and layout information for actually printingrespective objects (figures, pictures, fonts, and the like) contained inthe vector data 1101 onto paper is described in the display list 1103.

In each of the page headers (x9), a management table for theinstructions (x10) in the page and the like are described. Theinstruction (x10) is drawing information dependent on the resolution.

FIG. 12 is a diagram showing a memory area for storing the print dataillustrated in FIG. 11. The document header (x1), the vector data 1101,the meta data 1102, and the display list 1103 are stored in the memoryin accordance with the layout shown in FIG. 12. FIG. 13 is a diagramshowing a file stored in the print data illustrated in FIG. 11. As shownin FIG. 13, the print data is stored in a single file.

FIG. 14 is a view showing an example of document information.

Document information 1400 is newly generated in the above-describedprocess in S909 (FIG. 9). The document information can be updated by themain control unit 408 of the image forming apparatus 111 in theprocesses in S1005 to S1007 (FIG. 10). The updating process of thedocument information will be described later.

The document information 1400 includes a user ID 1401 of the documentcreator, the “password for opening a document” 1402, the “authoritypassword” 1406, and the “password for opening an attached file” 1409.

The user ID for logging into the PC 101, which is acquired by thetransmission program 401 in the course of the process in S906 (FIG. 9),is set in the user ID 1401 of the document creator. The passwordinputted to the area 504 on the transmission setting screen 500 (FIG. 5)is set in the “password for opening a document” 1402. The passwordinputted to the area 505 on the transmission setting screen 500 (FIG. 5)is set in the “authority password” 1406. The password inputted to thearea 506 on the transmission setting screen 500 (FIG. 5) is set in the“password for opening an attached file” 1409.

Moreover, for each password, the number of the users who have alreadyunlocked the password and user IDs of those users are also set in thedocument information 1400. In the document information shown in FIG. 14,two users (1403) have unlocked the “password for opening a document,”and the user IDs of those users are “KITANI” 1404 and “INOUE” 1405.Meanwhile, one user (1407) has unlocked the “authority password” and theuser ID of the user is “KITANI” 1408. Moreover, there is no user who hasunlocked the “password for opening an attached file.”

The document information 1400 is the information which can be used forreference or updated at any time.

FIG. 15 is a flowchart showing an example of the conversion process ofthe document data into the print data and the saving process for theprinting data (S908 to S910) to be executed by the image formingapparatus 111.

In S1501, the image forming apparatus 111 receives the document datafrom the PC 101.

In S1502, the image forming apparatus 111 determines whether or not the“authority password” is attached to the document data. When the“authority password” is not attached to the document data, the imageforming apparatus 111 converts the document data into the print data,and saves the print data in S1506. As described previously, the“authority password” is the password used for printing the print data orediting (such as deletion or password changing) the print data.

When the “authority password” is attached to the document data, theimage forming apparatus 111 determines whether or not the “authoritypassword” is designated for the image forming apparatus 111 by the userin S1503. In this embodiment, the print data to be handled by the imageforming apparatus 111 is assumed to be printed out in the end.Accordingly, if the “authority password” necessary for printing is notdesignated for the image forming apparatus 111, the document data willbe processed as invalid data.

When the “authority password” is designated for the image formingapparatus 111, the image forming apparatus 111 converts the documentdata into the print data in S1504 by using the data conversion unit 404and using either the designated “authority password” or the “passwordfor opening a document”.

In S1505, the image forming apparatus 111 generates the documentinformation 1400 based on the document creator and the documentoperation passwords received from the PC 101, and stores the documentinformation 1400 in the storage area of the document information (x5).

In S1506, the image forming apparatus 111 saves the print data embeddedwith the document information in the auxiliary storage device 303 byusing the data management unit 405.

After these processes, the operation for saving the print data in theimage forming apparatus 111 is completed.

FIG. 16A-FIG. 16C is a flowchart showing an example of the operatingprocesses (S1005 to S1007) for the print data saved in the image formingapparatus 111.

In S1602, the login user inputs the user ID and the password by usingthe user authentication screen 700 in order to log into the imageforming apparatus 111. The main control unit 408 of the image formingapparatus 111 is configured to refer to the inputted user ID atarbitrary timing.

When the login user logs in successfully, the login user selects theprint data to be processed from the printing job display area 801displayed on the saved job tab page 800 in S1604.

In S1605, the login user selects the operation for the print data to beprocessed. Specifically, the login user presses one of the print button802, the preview display button 803, the edit button 804, and the deletebutton 805.

In S1606, the image forming apparatus 111 determines the selectedoperation based on the pressed button.

The image forming apparatus 111 proceeds to the process in S1607 whenthe printing operation is selected, proceeds to the process in S1614when the preview displaying operation is selected and proceeds to theprocess in S1621 when the editing operation is selected.

First, the process when the printing operation is selected will bedescribed below.

When the printing operation is selected, in S1607, the image formingapparatus 111 determines whether or not the “authority password” is setin the document information 1400 of the print data. When the “authoritypassword” is not set therein, the image forming apparatus 111 prints outthe print data in S1609 and terminates the process. On the other hand,when the “authority password” is set therein, the image formingapparatus 111 proceeds to the process in S1608.

In S1608, the image forming apparatus 111 determines whether or not theuser ID inputted in S1602 matches either the user ID 1401 of thedocument creator or the user ID 1408 of the user who has unlocked the“authority password,” the user IDs 1401 and 1408 set in the documentinformation 1400 (FIG. 14). Specifically, the image forming apparatus111 determines whether or not the user logged in the image formingapparatus 111 is the document creator or the user who has unlocked the“authority password.”

If the user logged in the image forming apparatus 111 is the documentcreator or the user who has unlocked the “authority password,” the imageforming apparatus 111 prints out the print data in S1609 and terminatesthe process. On the other hand, when the user logged in the imageforming apparatus 111 is neither the document creator nor the user whohas unlocked the “authority password,” the image forming apparatus 111proceeds to the process in S1610.

In S1610 and S1611, the image forming apparatus 111 displays a passwordinput screen and requests the login user to input the “authoritypassword.”

In S1612, the image forming apparatus 111 determines whether or not thepassword inputted by the login user matches the “authority password”1406 set in the document information 1400. When the passwords do notmatch each other, the image forming apparatus 111 returns to the processin S1610, and urges the login user to input the “authority password”again. On the other hand, when the passwords match each other, the imageforming apparatus 111 proceeds to the process in S1613.

In S1613, the image forming apparatus 111 adds the user ID inputted inS1602 to the document information 1400 as the user ID of the user whohas unlocked the “authority password.” Then, the image forming apparatus111 prints out the print data in S1609 and terminates the process.

Next, the process when the preview displaying operation is selected willbe described below.

When the preview displaying operation is selected in S1605, the imageforming apparatus 111 determines whether or not the “password foropening a document” is set in the document information 1400 of the printdata in S1614. When the “password for opening a document” is not settherein, the image forming apparatus 111 displays a preview in S1616 andterminates the process. On the other hand, when the “password foropening a document” is set therein, the image forming apparatus 111proceeds to the process in S1615.

In S1615, the image forming apparatus 111 determines whether or not theuser ID inputted in S1602 matches any one of the user ID 1401 of thedocument creator and the user IDs 1404 and 1405 of the users who haveunlocked the “password for opening a document,” the user IDs 1401, 1404and 1405 set in the document information 1400. Specifically, the imageforming apparatus 111 determines whether or not the user logged in theimage forming apparatus 111 is the document creator or the user who hasunlocked the “password for opening a document.”

If the user logged in the image forming apparatus 111 is the documentcreator or the user who has unlocked the “password for opening adocument,” the image forming apparatus 111 displays the preview of theprint data in S1616 and terminates the process. On the other hand, whenthe user logged in the image forming apparatus 111 is neither thedocument creator nor the user who has unlocked the “password for openinga document,” the image forming apparatus 111 proceeds to the process inS1617.

In S1617 and S1618, the image forming apparatus 111 displays thepassword input screen, and requests the login user to input the“password for opening a document.”

In S1619, the image forming apparatus 111 determines whether or not thepassword inputted by the login user matches the “password for opening adocument” 1402 set in the document information 1400. When the passwordsdo not match each other, the image forming apparatus 111 returns to theprocess in S1617, and urges the login user to input the “password foropening a document” again. On the other hand, when the passwords matcheach other, the image forming apparatus 111 proceeds to the process inS1620.

In S1620, the image forming apparatus 111 adds the user ID inputted inS1602 to the document information 1400 as the user ID of the user whohas unlocked the “password for opening a document.” Then, the imageforming apparatus 111 displays the preview of the print data in S1616and terminates the process.

Next, the process when the editing operation is selected will bedescribed below.

When the editing operation is selected in S1605, the image formingapparatus 111 determines whether or not the “authority password” is setin the document information 1400 of the print data in S1621. When the“authority password” is not set therein, the image forming apparatus 111performs the editing operation in S1623 and terminates the process. Onthe other hand, when the “authority password” is set therein, the imageforming apparatus 111 proceeds to the process in S1622.

In S1622, the image forming apparatus 111 determines whether or not theuser ID inputted in S1602 matches either the user ID 1401 of thedocument creator set in the document information 1400 or the user ID1408 of the user who has unlocked the “authority password.”Specifically, the image forming apparatus 111 determines whether or notthe user logged in the image forming apparatus 111 is the documentcreator or the user who has unlocked the “authority password.”

If the user logged in the image forming apparatus 111 is the documentcreator or the user who has unlocked the “authority password,” the imageforming apparatus 111 edits the print data in S1623 and terminates theprocess. On the other hand, when the user logged in the image formingapparatus 111 is neither the document creator nor the user who hasunlocked the “authority password,” the image forming apparatus 111proceeds to the process in S1624.

In S1624 and S1625, the image forming apparatus 111 displays thepassword input screen, and requests the login user to input the“authority password.”

In S1626, the image forming apparatus 111 determines whether or not thepassword inputted by the login user matches the “authority password”1406 set in the document information 1400. When the passwords do notmatch each other, the image forming apparatus 111 returns to the processin S1624, and urges the login user to input the “authority password”again. On the other hand, when the passwords match each other, the imageforming apparatus 111 proceeds to the process in S1627.

In S1627, the image forming apparatus 111 adds the user ID inputted inS1602 to the document information 1400 as the user ID of the user whohas unlocked the “authority password.” Then, the image forming apparatus111 edits the print data in S1623 and terminates the process.

The editing operation of the print data also includes an operation tochange any of the passwords. Now, a password changing operation will bedescribed below.

FIG. 17 is a view showing an example of a password change screen to bedisplayed on the touch panel unit 601.

A password change screen 1700 includes a “password for opening adocument” editing area 1701, an “authority password” editing area 1702,a “password for opening an attached file” editing area 1703, a changebutton 1704, and a cancel button 1705.

First, the login user inputs, in any of the password editing regions1701 to 1703, a password to be changed to, and presses the change button1704. Thereby, the main control unit 408 edits the document information1400 included in the document information (x5) of the print data.

For example, when the “password for opening a document” is changed, thenumber of users who have unlocked the password 1403 set in the documentinformation 1400 is initialized to 0, and the user ID (1404) of the user1 and the user ID (1405) of the user 2 are deleted. Meanwhile, when the“authority password” is changed, the number of users who have unlockedthe password 1407 set in the document information 1400 is initialized to0, and the user ID (1408) of the user 1 is deleted. Further, when the“password for opening an attached file” is changed, the number of userswho have unlocked the password 1410 set in the document information 1400is initialized to 0. In the example shown in FIG. 14, the number ofusers who have unlocked the “password for opening the attached file”1410 is set to 0 from the beginning. Therefore, an initializationprocess and other processes are not carried out in this case.

As described above, in this embodiment, when the image forming apparatus111 converts the document data received from the PC 101 into the printdata, the document creator set in the document data and the documentoperation passwords are set in the print data as the documentinformation. Therefore, the document creator can perform printing,preview displaying, and editing without inputting the document operationpasswords, thus improving convenience. Moreover, in this embodiment, theuser ID of the user who has ever accessed the print data is set indocument information as the user ID of the user who has unlocked thepassword. Therefore, even when the user is not the document creator, theuser can access the print data without inputting the same documentoperation password if the user has ever unlocked the document operationpassword. Accordingly, the user can access the print data efficiently.

The passwords used in this embodiment are the “password for opening adocument,” the “authority password,” and the “password for opening anattached file.” However, it is also possible to use other types ofpasswords.

Other Embodiments

The present invention is applicable to a system including multipledevices (such as a system including a host computer, an interfacedevice, a reader, a printer, and the like) and also to an apparatus madeof a single device (such as a copier or a facsimile machine).

A processing method in which a program to achieve the functions of theabove-described embodiment is stored in a computer-readable storagemedium, and causing a computer to execute the program by reading theprogram stored in the storage medium as codes is also included in theabove-described embodiment. Moreover, the above-described embodimentincludes not only the storage medium that stores the program but alsothe program itself.

The storage medium may be a Floppy (registered trademark) disk, a harddisk, an optical disk, a magneto-optical disk, a CD-ROM, a magnetictape, a non-volatile memory card, or a read-only memory (ROM), forexample.

Moreover, the above-described embodiment also includes not only theconfiguration in which the program stored in the aforementioned storagemedium executes the processes solely but also a configuration in whichthe program operates on operating software (OS) together with othersoftware and functions of expansion boards in order to execute theoperations as described in the embodiment.

While the present invention has been described with reference toexemplary embodiments, it is to be understood that the invention is notlimited to the disclosed exemplary embodiments. The scope of thefollowing claims is to be accorded the broadest interpretation so as toencompass all such modifications and equivalent structures andfunctions.

This application claims the benefit of Japanese Patent Application No.2008-116009, filed Apr. 25, 2008, which is hereby incorporated byreference herein in its entirety.

What is claimed is:
 1. An image forming apparatus comprising: areceiving unit that receives document data having an operation passwordset therein; a conversion unit that converts the document data intoprint data; a generation unit that generates document informationincluding the operation password, and sets the generated documentinformation in the print data, wherein the document information furtherincludes user identification information of users who have alreadyunlocked the operation password; a storage unit that stores the printdata having the document information set therein; and a determining unitthat determines whether or not to authorize a login user to perform anoperation on the print data stored in said storage unit based on thedocument information set in the print data, wherein said determiningunit authorizes the login user to perform an operation on the print datastored in said storage unit without a new input of the operationpassword when user identification information of the login user matchesthe user identification information of users who have already unlockedthe operation password included in the document information, wherein,when the user identification information of the login user does notmatch the user identification information of users who have alreadyunlocked the operation password included in the document information,said determining unit requests the login user to input the operationpassword, and wherein, when the login user can unlock the operationpassword in response to the request, said determining unit authorizesthe login user to perform an operation on the stored print data and addsthe user identification information of the login user as the useridentification information of users who have already unlocked theoperation password to the document information set in the stored printdata.
 2. The image forming apparatus according to claim 1, wherein saiddetermining unit deletes the user identification information of userswho have already unlocked the operation password included in thedocument information from the document information when the operationpassword included in the document information is changed.
 3. The imageforming apparatus according to claim 1, wherein a creator of thedocument data is included in the document information as a user who isauthorized to perform the operation on the print data.
 4. The imageforming apparatus according to claim 1, wherein the operation includesat least one of an operation to display a preview of the print data, anoperation to print the print data, and an operation to edit the printdata.
 5. A method of user authentication comprising the steps of:receiving document data having an operation password set therein;converting the received document data into print data; generatingdocument information including the operation password; setting thegenerated document information in the print data; storing the print datain which the document information is set, wherein the documentinformation further includes user identification information of userswho have already unlocked the operation password; and determiningwhether or not to authorize a login user to perform an operation on thestored print data based on the document information set in the printdata, wherein, in said determining step, the login user is authorized toperform an operation on the stored print data without a new input of theoperation password when user identification information of the loginuser matches user identification information of users who have alreadyunlocked the operation password included in the document information,wherein, when the user identification information of the login user doesnot match the user identification information of users who have alreadyunlocked the operation password included in the document information,the login user is requested to input the operation password in saiddetermining step, and wherein, when the login user can unlock theoperation password in response to the request, in said determining step,the login user is authorized to perform an operation on the stored printdata, and the user identification information of the login user is addedas the user identification information of users who have alreadyunlocked the operation password to the document information set in thestored print data.
 6. The method of user authentication according toclaim 5, wherein, in said determining step, the user identificationinformation of users who have already unlocked the operation password isdeleted from the document information when the operation passwordincluded in the document information is changed.
 7. The method of userauthentication according to claim 5, wherein a creator of the documentdata is included in the document information as a user who is authorizedto perform the operation on the print data.
 8. The method of userauthentication according to claim 5, wherein the operation includes atleast one of an operation to display a preview of the print data, anoperation to print the print data, and an operation to edit the printdata.
 9. A non-transitory computer-readable storage medium storing aprogram for causing a computer to execute the following steps of:receiving document data having an operation password set therein;converting the received document data into print data; generatingdocument information including the operation password; setting thegenerated document information in the print data; storing the print datain which the document information is set, wherein the documentinformation further includes user identification information of userswho have already unlocked the operation password; and determiningwhether or not to authorize a login user to perform an operation on thestored print data based on the document information set in the printdata, wherein, in said determining step, the login user is authorized toperform an operation on the stored print data without a new input of theoperation password when user identification information of the loginuser matches user identification information of users who have alreadyunlocked the operation included in the document information, wherein,when the user identification information of the login user does notmatch the user identification information of users who have alreadyunlocked the operation password included in the document information,the login user is requested to input the operation password in saiddetermining step, and wherein, when the login user can unlock theoperation password in response to the request, in said determining step,the login user is authorized to perform an operation on the stored printdata, and the user identification information of the login user is addedas the user identification information of users who have alreadyunlocked the operation password to the document information set in thestored print data.